While vendor risk management has long been an area of concern for Financial Institutions, regulators are now looking for banks to do more and provide a higher level of assurance about the security practices of their vendors. But how? With regulators continuously raising the bar, one thing is clear: the vendor reviews of the past will no longer be sufficient in today's environment.

In this presentation, Stephen Boyer, CTO and Co-founder of BitSight Technologies, will explore:

The evolving regulatory landscape regarding Vendor Risk Management, and the practices organizations are adopting to meet these more stringent demands.

Why continuous monitoring of vendor security performance is both critical and achievable, through the use of data-driven, evidence-based security ratings.

How a global financial services firm is transforming the way they select and interact with vendors and suppliers, detailing their own industry-leading practices in VRM and how the use of security performance ratings is allowing them to harden their extended enterprise.

Background

The connectivity we provide to our business partners is proving to be a highly vulnerable attack vector. In this session we'll take a fresh look at vendor risk management by monitoring each partner's actual network behavior profile, comparing it to known malicious activity patterns, and arriving at an individual risk score for each partner.

Trust, But Verify: The Evolution of Vendor Risk Management in Financial Institutions

Stephen Boyer

CTO & Co-Founder, BitSight Technologies

Boyer is Chief Technology Officer and Co-founder of BitSight Technologies, an innovative security risk management company backed by the National Science Foundation, Globespan Capital Partners, Menlo Ventures, Flybridge Capital Partners, and Commonwealth Capital Ventures. He has nearly 15 years of experience in the security and risk management space. Before BitSight, Boyer founded Saperix and sold it to FireMon. Prior to Saperix, Boyer spent a decade at MIT Lincoln Labs researching and developing next-generation information security technology.